diff options
author | Jon Spillett <jon.spillett@oracle.com> | 2020-08-20 15:10:21 +1000 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2021-01-20 13:10:49 +0100 |
commit | ac6ea3a7c5f53dad710987aae289a66a2e3f159e (patch) | |
tree | 279dce886f91f8543149378e6260b89ce5dc475d /test/recipes/15-test_gendsa.t | |
parent | 07b6068d240fb5af56fab880f2f971293a49f124 (diff) | |
download | openssl-new-ac6ea3a7c5f53dad710987aae289a66a2e3f159e.tar.gz |
test-gendsa: Add test cases with FIPS provider
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13894)
Diffstat (limited to 'test/recipes/15-test_gendsa.t')
-rw-r--r-- | test/recipes/15-test_gendsa.t | 52 |
1 files changed, 49 insertions, 3 deletions
diff --git a/test/recipes/15-test_gendsa.t b/test/recipes/15-test_gendsa.t index 5e36109b37..4616deacc1 100644 --- a/test/recipes/15-test_gendsa.t +++ b/test/recipes/15-test_gendsa.t @@ -11,15 +11,25 @@ use strict; use warnings; use File::Spec; -use OpenSSL::Test qw/:DEFAULT srctop_file/; +use OpenSSL::Test qw/:DEFAULT srctop_file srctop_dir bldtop_dir bldtop_file/; use OpenSSL::Test::Utils; -setup("test_gendsa"); +BEGIN { + setup("test_gendsa"); +} + +use lib srctop_dir('Configurations'); +use lib bldtop_dir('.'); +use platform; plan skip_all => "This test is unsupported in a no-dsa build" if disabled("dsa"); -plan tests => 11; +my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0); + +plan tests => + ($no_fips ? 0 : 3) # FIPS install test + fips related tests + + 11; ok(run(app([ 'openssl', 'genpkey', '-genparam', '-algorithm', 'DSA', @@ -97,3 +107,39 @@ ok(run(app([ 'openssl', 'genpkey', ok(!run(app([ 'openssl', 'genpkey', '-algorithm', 'DSA'])), "genpkey DSA with no params should fail"); + +unless ($no_fips) { + my $provconf = srctop_file("test", "fips-and-base.cnf"); + my $provpath = bldtop_dir("providers"); + my @prov = ( "-provider-path", $provpath, + "-config", $provconf); + my $infile = bldtop_file('providers', platform->dso('fips')); + + ok(run(app(['openssl', 'fipsinstall', + '-out', bldtop_file('providers', 'fipsmodule.cnf'), + '-module', $infile, + '-provider_name', 'fips', '-mac_name', 'HMAC', + '-section_name', 'fips_sect'])), + "fipsinstall"); + + $ENV{OPENSSL_TEST_LIBCTX} = "1"; + + # Generate params + ok(run(app(['openssl', 'genpkey', + @prov, + '-genparam', + '-algorithm', 'DSA', + '-pkeyopt', 'pbits:3072', + '-pkeyopt', 'qbits:256', + '-out', 'gendsatest3072params.pem'])), + "Generating 3072-bit DSA params"); + + # Generate keypair + ok(run(app(['openssl', 'genpkey', + @prov, + '-paramfile', 'gendsatest3072params.pem', + '-text', + '-out', 'gendsatest3072.pem'])), + "Generating 3072-bit DSA keypair"); + +} |